QUESTION 114Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution. Determine whether the solution meets the stated goals.Your network contains an Active Directory domain named contoso.com.The domain contains a DNS server named Server1. All client computers run Windows 10.On Server1, you have the following zone configuration.

You have the following subnets defined on Server1.

You need to prevent Server1 from resolving queries from DNS clients located on Subnet4. Server1 must resolve queries from all other DNS clients.Solution: From the Security Setting of each zone on Server1, you modify the permissions.Does this meet the goal?

A. YesB. No

Answer: B

QUESTION 115Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution. Determine whether the solution meets the stated goals.Server1 has two virtual machines named VM1 and VM that run Windows Server 2016. VM1 connects to Private VM2 has two network adapters.

You need to ensure that VM1 connects to the corporate network by using NAT.Solution: You connect VM2 to private1 and External1. You install the Remote Access Server role on VM2, and you configure NAT in the Routing and Remote Access console. You configure VM1 to use VM2 as the default gateway.Does this meet the goal?

A. YesB. No

Answer: A

QUESTION 116You have an Active Directory forest that contains 30 servers and 6,000 Client computers. You deploy a new DHCP server that runs Windows Server 2016. You need to retrieve the list of the authorized DHCP servers. Which command should you run?

Answer: CExplanation:To get all authorized DHCP servers in Active Directory, you can use the following PowerShell cmdlet: Get-DhcpServerinDC

QUESTION 117You have a DHCP server named Server1.Server1 has an IPv4 scope that contains 100 addresses for a subnet named Subnet! Subnet1 provides guest access to the Internet. There are never more than 20 client computers on Subnet1 simultaneously; however, the computers that connect to Subnet 1 are rarely the same computers.You discover that some client computers are unable to access the network.The computers that have the issue have IP addresses in the range of 169.254.0.0/16.You need to ensure that all of the computers can connect successfully to the network to access the Internet.What should you do?

A. Create a new scope that uses IP addresses in the range of 169.254.0.0/16.B. Modify the scope options.C. Modify the lease duration.D. Configure Network Access Protection (NAP) integration on the existing scope.

Answer: CExplanation:The correct answer is to modify the lease duration, 169.254.0.0/16 is an APIPA address, you cannot create a DHCP scope In that range.

QUESTION 118Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution. Determine whether the solution meets the stated goals.Refer to exhibit, Server1 has two virtual machines named VM1 and VM that run Windows Server 2016. VM1 connects to Private VM2 has two network adapters.

You need to ensure that VM1 connects to the corporate network by using NAT.Solution: You connect VM1 to Internal1. You run the New-NetNatIpAddress and the New-NetNat cmdlets on Server1. You configure VM1 to use VM2 as the default gateway.Does this meet the goal?

QUESTION 119You have a Hyper-V server named Server1 that runs Windows Server 2016. Server1 has an IP address of 192.168.1.78. Server1 has a container named Container1 that hosts a web application on port 84. Container1 has an IP address of 172.16.5.6. Container1 has a port mapping from port 80 on Server1 to port 84 on Container1. You have a server named Server2 that has an IP address of 192.168.1.79. You need to connect to the web application from Server2.To which IP address and port should you connect?

A. 172.16.5.6:80B. 192.168.1.78:80C. 172.16.5.6:84D. 192.168.1.78:84

Answer: A

QUESTION 120You have a remote access server named Server1 that runs Windows Server 2016. Server1 has DirectAccess enabled.You have a proxy server named Server2. All computers on the internal network connect to the Internet by using the proxy.On Server1, you run the command Set-DAClient -forceTunnel Enabled.You need to ensure that when a DirectAccess client connects to the network, the client accesses all the Internet resources through the proxy.What should you run on Server1?

QUESTION 121You have an IP Address Management (IPAM) deployment that is used to manage all of the DNS servers on your network. IPAM is configured to use Group Policy provisioning.You discover that a user adds a new mail exchanger (MX) record to one of the DNS zones.You want to identify which user added the record.You open Event Catalog on an IPAM server, and you discover that the most recent event occurred yesterday. You need to ensure that the operational events in the event catalog are never older than one hour.What should you do?

A. From the properties on the DNS zone, modify the refresh interval.B. From an IPAM_DNS Group Policy object (GPO), modify the Group Policy refresh interval.C. From Task Scheduler, modify the Microsoft\Windows\IPAM\Audit task.D. From Task Scheduler, create a scheduled task that runs the Update-IpamServer cmdlet.

QUESTION 122You have a DHCP server named Server1.Server1 has an IPv4 scope that serves 75 client computers that run Windows 10.When you review the address leases in the DHCP console, you discover several leases for devices that you do not recognize.You need to ensure that only the 75 Windows 10 computers can obtain a lease from the scope.What should you do?

A. Run the Add-DhcpServerv4ExclusionRange cmdlet.B. Create and enable a DHCP filter.C. Create a DHCP policy for the scope.D. Run the Add-DhcpServerv4OptionDefinition cmdlet.

Answer: C

QUESTION 123You have a server named Server1 that runs Windows Server 2016. Server1 has the DHCP Server and the Windows Deployment Service server roles installed.Server1 is located on the same subnet as client computers.You need to ensure that clients can perform a PXE boot from Server1.Which two IPv4 options should you configure in DHCP? Each correct answer presents part of the solution.

QUESTION 124Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution. Determine whether the solution meets the stated goals.Your network contains an Active Directory domain named contoso.com. The domain contains a DNS server named Server1. All client computers run Windows 10.On Server1, you have the following zone configuration.

You need to ensure that all of the client computers in the domain perform DNSSEC validation for the fabrikam.com namespace.Solution: From a Group Policy object (GPO) in the domain, you add a rule to the Name Resolution Policy Table (NRPT).Does this meet the goal?

A. YesB. No

Answer: AExplanation:The NRPT stores configurations and settings that are used to deploy DNS Security Extensions (DNSSEC), and also stores information related to DirectAccess, a remote access technology.Note: The Name Resolution Policy Table (NRPT) is a new feature available in Windows Server 2008 R2. The NRPT is a table that contains rules you can configure to specify DNS settings or special behavior for names or namespaces. When performing DNS name resolution, the DNS Client service checks the NRPT before sending a DNS query. If a DNS query or response matches an entry in the NRPT, it is handled according to settings in the policy. Queries and responses that do not match an NRPT entry are processed normally.References: https://technet.microsoft.com/en-us/library/ee649207(v=ws.10).aspx